Blowfish is the block cipher. It requires the data to be padded before encryption.
OpenSSL uses PKCS#7 and mcrypt uses PKCS#5. Different padding algorythms for data.
Minimal PKCS#5 padding length is 0, for PKCS#7 it’s 1 (wikipedia). Take a look at this example (i’ve manually padded input data for mcrypt_encrypt()
in PKCS#7 style):
<?php
$key = "anotherpassword1";
$str = "does it work 12";
$enc = mcrypt_encrypt(MCRYPT_BLOWFISH, $key, $str."\1", MCRYPT_MODE_ECB);
$dec = mcrypt_decrypt(MCRYPT_BLOWFISH, $key, $enc, MCRYPT_MODE_ECB);
echo(bin2hex($enc).PHP_EOL);
var_dump($dec);
$enc = openssl_encrypt($str, 'bf-ecb', $key, true);
$dec = openssl_decrypt($enc, 'bf-ecb', $key, true);
echo(bin2hex($enc).PHP_EOL);
var_dump($dec);
?>
It’s impossible to openssl_decrypt() data encrypted with mcrypt_encrypt(), unless manual data padding was made with PKCS#7 before mcrypt_encrypt()
was called.
There is only one way in your case – recrypt the data.
PS: There is an error in your source – ECB mode does not uses IV at all (wikipedia)